Wireshark-users: Re: [Wireshark-users] wireshark dropping packets? wireshark for xandros?

From: Condor Kim <toothache200873@xxxxxxxxx>
Date: Fri, 16 Jan 2009 02:16:04 -0800 (PST)
Hi,
 
apparently even though my wireshark is 1.x, it doesn't have this thing called status bar on it anywhere. i would wish i knew how to enable it.
 
i now have a even bigger problem. couple of days ago i was downloading a large software package from microsoft, and that day when i tried to save all the packets with my wireshark, suddenly this time my wirshark worked so slowly that it took more than 30 minutes to save a pcap file of 479 MB, whereas normally it will take 2 minutes. i knew my wireshark is coming to the end of its life. sure enough, today when i surfed on the net for merely 3 minutes, the wireshark kept flashing on the screen, and the packet display kept jumping, as if in a webcam, and none of the GUI buttons worked, so that i couldn't even save the file by clicking "file" and "save". has anyone encountered this problem?
 
i think it might be because there are several serious trojan horses active in my computer.
 
is there a way to use a command line to save the packets that have already been captured? i couldn't find the command on the help.chm.


From: Andrew Hood <ajhood@xxxxxxxxx>
To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
Sent: Thursday, January 15, 2009 5:30:56 AM
Subject: Re: [Wireshark-users] wireshark dropping packets? wireshark for xandros?

Jaap Keuter wrote:
> Hi,
> First one you can check by looking at the statusbar while capturing.
> There you see a count for dropped packets.
>
> Second you can find with google: xandros repository wireshark
>
> Thanx,
> Jaap
>
> Sent from my iPhone
>
> On 14 jan 2009, at 06:52, Condor Kim <toothache200873@xxxxxxxxx
> <mailto:toothache200873@xxxxxxxxx>> wrote:
>
>> hello i use wireshark 1.0.4. i'm not a experienced user, so pls excuse
>> my basic questions.
>>
>> i notice lately that if i am downloading or uploading (via ftp) a
>> large file, like a video, wireshark will show only the packets of the
>> downloading or uploading. if i happen to visit some webpages while
>> downloading or uploading, the traffic for visiting these webpages
>> won't register or show at all in my wireshark. is this normal? does
>> wireshark drop other packets when it's too busy with one connection?

Might those pages be cached by your browser?

Is this Windows? Does Windows have TOE (TCP Offload Engine) enabled? eg
Broadcom Netxtreme drivers support TOE.

If it does have TOE, depending on how many concurrent TCP sessions are
open you may see none, some, or all of the traffic for individual sessions.

And it was alledged to me yesterday that TOE is known to lose packets.

--
There's no point in being grown up if you can't be childish sometimes.
                -- Dr. Who
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe